Remote Access Guidelines
While it may be convenient to remotely access computer systems, allowing this access comes with substantial security risks. Although no system can be completely safe from intrusion, there are some best practices and tips to follow that will provide the necessary access and functionality in the most secure manner possible.
- Keep systems and applications up-to-date
  - Keep both client and host (remote access server) systems updated with the most recent security patches and updates. Many updates resolve known security issues and can help prevent some attacks from succeeding.
  - Make sure the remote access applications (as well as any other applications installed) are also kept up-to-date with the latest versions of software from the manufacturer.
- Use strong passwords and multi-factor authentication
  - Use strong passwords for remote access services. Strong passwords are tough to guess or figure out (the longer the better), unique, and contain a variety of characters. See http://links.asu.edu/passwordstandard for more information.
  - When possible, enable and use multi-factor authentication to set up remote access. While this does require another authentication step, it will prevent an attacker from accessing your system even if your credentials are compromised or guessed.
  - Change passwords often.
- Protect your passwords
  - Be wary of phishing schemes and other scams that try to steal your passwords and other personal information.
- Restrict access
  - Lock down the host system so that only valid use of remote access is allowed. Disable unused network ports/services, and make sure only allowed users are configured to be able to remotely access the system.
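
One way to check a host against the "Restrict access" guidance above, as an added example that is not part of the original guidelines: the script compares network-reachable TCP listeners and the remote-access user list against allowlists. The `netstat -ano` style sample, the group membership, the port and user allowlists, and all function names are constructed assumptions.

```python
# Added example: audit a host against the "Restrict access" guidance.
# All sample data and allowlists below are constructed assumptions.

# Constructed sample in the format of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       1500
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1204
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:5432         0.0.0.0:0              LISTENING       2210
  TCP    10.0.0.5:3389          10.0.0.77:50122        ESTABLISHED     1204
  TCP    [::]:3389              [::]:0                 LISTENING       1204
"""

ALLOWED_PORTS = {3389}            # assumption: only RDP should be reachable
ALLOWED_USERS = {"alice", "bob"}  # assumption: approved remote-access users
SAMPLE_MEMBERS = ["alice", "Bob", "tempadmin"]  # constructed group membership

LOOPBACK = ("127.", "[::1]")


def listening_ports(netstat_text):
    """Return {port: set(pids)} for TCP listeners reachable from the network."""
    found = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # skips the header, established sessions and other states
        addr, _, port = fields[1].rpartition(":")
        if addr.startswith(LOOPBACK):
            continue  # loopback-only listeners are not remotely reachable
        found.setdefault(int(port), set()).add(int(fields[4]))
    return found


def audit(netstat_text, members, allowed_ports, allowed_users):
    """Return (unexpected listeners, unexpected remote-access users)."""
    listeners = listening_ports(netstat_text)
    bad_ports = {p: sorted(pids) for p, pids in listeners.items()
                 if p not in allowed_ports}
    bad_users = sorted({m.lower() for m in members} - allowed_users)
    return bad_ports, bad_users


if __name__ == "__main__":
    ports, users = audit(SAMPLE_NETSTAT, SAMPLE_MEMBERS, ALLOWED_PORTS, ALLOWED_USERS)
    for port, pids in sorted(ports.items()):
        print(f"unexpected listener on TCP {port} (PID {pids})")
    for user in users:
        print(f"user not on the approved remote-access list: {user}")
```

Each flagged port is a candidate service to disable, and each flagged user is an account to remove from the remote-access group unless it has a documented need.
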
Secure Configuration tips for specific remote access applications:
- Microsoft Remote Desktop (RDP)